[Bug 1233895] [NEW] AppArmor hooks incorrectly build query string for receiving process

Tyler Hicks tyhicks at canonical.com
Tue Oct 1 23:03:52 UTC 2013


Public bug reported:

While reviewing the AppArmor hooks in dbus-daemon, I noticed that the AppArmor
query string for the receiving process was being constructed incorrectly in
dbus 1.6.12-0ubuntu5.

Here's the query for the sending process. Note that the message destination is
used for the AppArmor query's peer name (the fourth parameter):

      qsize = build_query (&qstr, scon->context, bustype, destination,
                           tcon->context, path, interface, method);

Here's the query for the receiving process. Note that the message destination
is still being used for the AppArmor query's peer name. This is incorrect
because the peer of the receiving process is the sender.

      qsize = build_query (&qstr, tcon->context, bustype, destination,
                           scon->context, path, interface, method);

** Affects: apparmor-easyprof-ubuntu (Ubuntu)
     Importance: Undecided
         Status: New

** Affects: dbus (Ubuntu)
     Importance: High
     Assignee: Tyler Hicks (tyhicks)
         Status: In Progress

** Affects: apparmor-easyprof-ubuntu (Ubuntu Saucy)
     Importance: Undecided
         Status: New

** Affects: dbus (Ubuntu Saucy)
     Importance: High
     Assignee: Tyler Hicks (tyhicks)
         Status: In Progress

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to dbus in Ubuntu.
https://bugs.launchpad.net/bugs/1233895

Title:
  AppArmor hooks incorrectly build query string for receiving process

Status in “apparmor-easyprof-ubuntu” package in Ubuntu:
  New
Status in “dbus” package in Ubuntu:
  In Progress
Status in “apparmor-easyprof-ubuntu” source package in Saucy:
  New
Status in “dbus” source package in Saucy:
  In Progress

Bug description:
  While reviewing the AppArmor hooks in dbus-daemon, I noticed that the AppArmor
  query string for the receiving process was being constructed incorrectly in
  dbus 1.6.12-0ubuntu5.

  Here's the query for the sending process. Note that the message destination is
  used for the AppArmor query's peer name (the fourth parameter):

        qsize = build_query (&qstr, scon->context, bustype, destination,
                             tcon->context, path, interface, method);

  Here's the query for the receiving process. Note that the message destination
  is still being used for the AppArmor query's peer name. This is incorrect
  because the peer of the receiving process is the sender.

        qsize = build_query (&qstr, tcon->context, bustype, destination,
                             scon->context, path, interface, method);

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor-easyprof-ubuntu/+bug/1233895/+subscriptions



More information about the foundations-bugs mailing list